The U.S. Department of Justice has just charged four North Korean citizens with fraud and money laundering. The defendants used fake identities to work at blockchain startups in the U.S. and Serbia, then stole nearly $1 million in cryptocurrency.
Methods of fraud and threats
These individuals initially operated in the UAE, then infiltrated crypto companies as remote IT employees. After gaining trust, they embezzled $175,000 and $740,000 in 2022, then laundered the money through mixing services and exchanges using fake documentation.
According to Chainalysis, this is a common tactic of North Korea: embedding people into organizations to gather information, manipulate security, and even instigate insider attacks. The stolen money is concealed through many complex transactions, demonstrating the sophistication of North Korean cybercrime.
This case also exposes vulnerabilities in the crypto industry, where companies often hire remote staff without thoroughly checking backgrounds. That gives state-sponsored actors an opening: they use fake identities to earn money and wait for a chance to steal company funds.
Countermeasures and warnings
The U.S. Department of Justice has taken strong legal action. It filed a civil lawsuit regarding a larger scheme by North Korean IT staff involving tens of millions of dollars. At the same time, it conducted coordinated raids across 16 states, seizing numerous financial accounts, scam websites, and about 200 computers used as remote access points for North Korean agents.
Experts warn that it is extremely important for companies to identify these threats and protect themselves from them.